mod_fail2ban: Add 'access' option for whitelisting

Closes #535.

src/mod_fail2ban.erl

@@ -53,6 +53,10 @@ start_link(Host, Opts) ->
     gen_server:start_link({local, Proc}, ?MODULE, [Host, Opts], []).
 
 c2s_auth_result(false, _User, LServer, {Addr, _Port}) ->
+    case is_whitelisted(LServer, Addr) of
+	true ->
+	    ok;
+	false ->
 	    BanLifetime = gen_mod:get_module_opt(
 			    LServer, ?MODULE, c2s_auth_ban_lifetime,
 			    fun(T) when is_integer(T), T > 0 -> T end,
@@ -67,6 +71,7 @@ c2s_auth_result(false, _User, LServer, {Addr, _Port}) ->
 		    ets:insert(failed_auth, {Addr, N+1, UnbanTS, MaxFailures});
 		[] ->
 		    ets:insert(failed_auth, {Addr, 1, UnbanTS, MaxFailures})
+	    end
     end;
 c2s_auth_result(true, _User, _Server, _AddrPort) ->
     ok.
@@ -160,6 +165,12 @@ code_change(_OldVsn, State, _Extra) ->
 %%%===================================================================
 %%% Internal functions
 %%%===================================================================
+is_whitelisted(Host, Addr) ->
+    Access = gen_mod:get_module_opt(Host, ?MODULE, access,
+				    fun(A) when is_atom(A) -> A end,
+				    none),
+    acl:match_rule(Host, Access, Addr) == allow.
+
 unban_timestamp(BanLifetime) ->
     {MegaSecs, MSecs, USecs} = now(),
     UnbanSecs = MegaSecs * 1000000 + MSecs + BanLifetime,